Data Security

Payment Card Industry Data Security Standard

 

The Payment Card Industry Data Security Standard (PCI DSS, often shortened to “PCI”) is a set of data security requirements established by the major card brands (including Visa® and MasterCard®) to protect cardholder account information.

To Whom Does PCI Apply?

All merchants who accept any type of payment card transaction must be compliant with the PCI DSS at all times.

Two Important Steps to PCI Compliance:

  1. Merchants must maintain compliance by satisfying the 12 PCI DSS requirements at all times.
  2. Level 1-3 merchants must then validate or prove their compliance by meeting requirements that vary by “PCI level,” which is based on annual card transaction volumes.

PCI levels range from 1 to 4, representing highest to lowest annual transaction volumes.

Please review the "Determining Your PCI Levels" navigation tab above to determine a merchant's PCI level, and the "PCI Level 1-4 Boarding Requirements" tab to ensure your merchants are given the proper expectations when boarding with Bank of America Merchant Services.